Category Archives: Security

Apache .conf and phpini file backups

Apache .conf and phpini file backups
Continue reading →

PHP Scripts for SiteBar is a bookmark server

SiteBar is a bookmark server intended for both personal and enterprise usage. It integrates to most browsers used today and offers maximum number of features on the smallest possible place. The most important features are granular security mechanism, bookmarks import/export, painless upgrade/install procedure, drag & drop, skins, speed and internationalization.

<?

//####################################################################
// Active PHP Bookmarks - lbstone.com/apb/
//
// Filename: search.php
// Authors: L. Brandon Stone (lbstone.com)
//           Nathanial P. Hendler (retards.org)
//
// 2001-10-28 00:04     Starting on search for version 1.0 (NPH)
//
//####################################################################

include_once('apb.php');
apb_head();

$APB_SETTINGS['allow_edit_mode'] = 1;

// Clean up the data that's been passed to us [LBS 20020211].
$keywords = trim($keywords);
$keywords = preg_replace("/ +/", " ", $keywords);

$columns       = array('b.bookmark_url', 'b.bookmark_description', 'b.bookmark_title');
$group_columns = array('g.group_title', 'g.group_description');

$words = split(" ", $keywords, 8);
$total_bookmarks = get_number_of_bookmarks();

if ($APB_SETTINGS['auth_user_id']) {
$private_sql = "";
} else {
$private_sql = "AND b.bookmark_private = 0";
}

foreach ($words as $search_string) {

// This doesn't do anything helpful yet...
if (preg_match("/^-/", $search_string)) {
print "<b>NOT</b> $search_string<br>\n";
}

/******************************/
/* Look for Groups that Match */

foreach ($group_columns as $column) {
$query = "
SELECT g.group_id, g.group_title
FROM apb_groups g
WHERE ($column LIKE '%$search_string%')
AND g.user_id = " . $APB_SETTINGS['user_id'] . "
#$private_sql
";

#print "<p><pre>$query</pre><p>\n\n";

$result = mysql_db_query($APB_SETTINGS['apb_database'], $query);
$total_rows = mysql_num_rows($result);

while ($row = mysql_fetch_assoc($result)) {
$mod = 1;
#$group_results[$row[group_id]] += (( 2 * ( 100 - (($total_rows/$total_groups) * 100) ) ) / $mod);
$group_results[$row[group_id]]++;
}
}

/*********************************/
/* Look for Bookmarks that Match */

foreach ($columns as $column) {
$query = "
SELECT b.bookmark_id, b.bookmark_description, b.bookmark_url, g.group_title
FROM apb_bookmarks b
LEFT JOIN apb_groups g ON (g.group_id = b.group_id)
WHERE ($column LIKE '%$search_string%')
AND b.user_id = " . $APB_SETTINGS['user_id'] . "
AND b.bookmark_deleted != 1
$private_sql
";

#print "<p><pre>$query</pre><p>\n\n";

$result = mysql_db_query($APB_SETTINGS['apb_database'], $query);
$total_rows = mysql_num_rows($result);

while ($row = mysql_fetch_assoc($result)) {
if ($column == 'b.bookmark_url') {
$mod = 1.5;
} else {
$mod = 1;
}
$results[$row[bookmark_id]] += (( 2 * ( 100 - (($total_rows/$total_bookmarks) * 100) ) ) / $mod);
}
}
}

$keyword = htmlspecialchars(stripslashes($keyword));
$number_of_results = count($results) + count($group_results);

print "<h2>Search Results</h2>";
if ($number_of_results == 1) { $s = ""; }
else { $s = "s"; }

// Added all the entities stripslashes stuff to the search results. [LBS 20020211]
print "<p><b>$number_of_results</b> result".$s." for \"<b>".htmlentities(stripslashes($keywords))."</b>\"";

?>


<p>
<form>
<input type='hidden' name='action' value='search'>
<input name='keywords' value="<? echo htmlentities(stripslashes($keywords)) ?>">
<input type='submit' name='Submit' value='Search'>
</form>
<?

print "<p><table align='center' cellpadding='0' cellspacing='0' border='0'><tr><td>\n";

if ($group_results) {

print "<p><b>Group Matches</b></p>\n\n";

echo "<ul>";
while(list($id, $score) = each ($group_results)) {
$g = apb_group($id);
print "<li>";
#print $g->link();
#print " (Home :: " . $g->get_group_path() . ")";
$g->print_group_path();

if ($g->description()) {
print " - ".$g->description();
}
print "\n";
}
echo "</ul>";

}

if ($results) {
arsort($results);
reset($results);

print "<p><b>Site Matches</b></p>\n\n";

echo "<ul>";
while(list($id, $score) = each ($results)) {
$b = apb_bookmark($id);
$g = apb_group($b->group_id());
print "<li>";
#print "<tt>[$score]</tt> ";
print $b->link() . " <font size='1'>(" . $g->link() . ")</font> ";
if ($b->description()) {
print " - ".$b->description();
}
print "\n";
}
echo "</ul>";
}

print "</td></tr></table>\n\n";

apb_foot();

?>

&nbsp;

PHP Scripts for Brim is an application suite

Leave a reply

Brim is an application suite that allows you to manage all your personal items online. No need to syncronize your bookmarks/favorites and contacts, you can now keep them well-secured online in one single place.. Additionally, Brim provides a calendar, a task manager, notes, a password manager etc. all behind a single logon.

<?
//####################################################################
// Active PHP Bookmarks - lbstone.com/apb/
//
// Filename: cookie_auth.php
// Author:   L. Brandon Stone (lbstone.com)
//           Nathanial P. Hendler (retards.org)
//
// 2001-09-05 11:36     Created
//
//####################################################################

include_once('apb.php');

if ($APB_SETTINGS['auth_type'] == 'cookie') {

//####################################################################
// Cookie login/logout.
//####################################################################

// Login Form
if ($action == 'cookie_login') {

apb_head();
?>
<h2>User Login</h2>
<form action="<? echo $SCRIPT_NAME ?>?action=set_cookie_login" method="post">
<table cellpadding="5" cellspacing="0" border="0">
<tr>
<td>Username:</td>
<td><input name="form_username"></td>
</tr><tr>
<td>Password:</td>
<td><input type="password" name="form_password"></td>
</td>
</table>

<p><input type="checkbox" name="login_type" value="permanent"> Remember Me
<p><input type="submit" value="Login">
</form>
<?
apb_foot();

}

// Login
if ($action == "set_cookie_login")
{
$expiration_date = time()+(60*60*24*365*10); // Expire in 10 years.
if ($login_type != "permanent") { $expiration_date = 0; } // Expire when browser is closed.

setcookie("cookie_username", strtolower($form_username), $expiration_date);
setcookie("cookie_password", crypt($form_password, "27"), $expiration_date);
header ("Location: ".$APB_SETTINGS['apb_url']);
exit;
}

// Logout
if ($action == "cookie_logout")
{
setcookie("cookie_username", "");
setcookie("cookie_password", "");
header ("Location: ".$APB_SETTINGS['apb_url']);
exit;
}

} else {
apb_head();
print "<b>System is set for HTTPD Authentication. Something is wrong</b><p>\n";
error("cookie_auth.php: System is set for HTTPD Authentication. Something is wrong");
apb_foot();
}

/*
// General where clause addition for public.
if ($private_session) { $where_public = ""; }
else { $where_public = "AND public = 1"; }
*/

?>

&nbsp;

Fast Secure Contact Form PHP Scripts

Leave a reply

Fast Secure Contact Form PHP Script allows a user to easily create and add contact forms to a web page.The form will let the user send emails to a site’s admin. An administration panel is present, where the user can create and preview his forms.Features a super easy admin panel, multi-form feature, autoresponder, no templates to mess with, and an option to redirect visitors to any URL after the message is sent. Includes CAPTCHA and Akismet support to block all common spammer tactics. Spam is no longer a problem. You can add extra fields of any type: text, textarea, checkbox, checkbox-multiple, radio, select, select-multiple, attachment, date, time, hidden, password, and fieldset.

<?php
/*
Fast Secure Contact Form - PHP Script
Author: Mike Challis
http://www.FastSecureContactForm.com/
*/
//do not allow direct access
if ( strpos(strtolower($_SERVER['SCRIPT_NAME']),strtolower(basename(__FILE__))) ) {
header('HTTP/1.0 403 Forbidden');
exit('Forbidden');
}

/**
* Akismet anti-comment spam service
*
* The class in this package allows use of the {@link http://akismet.com Akismet} anti-comment spam service in any PHP5 application.
*
* This service performs a number of checks on submitted data and returns whether or not the data is likely to be spam.
*
* Please note that in order to use this class, you must have a vaild {@link http://wordpress.com/api-keys/ WordPress API key}. They are free for non/small-profit types and getting one will only take a couple of minutes.
*
* For commercial use, please {@link http://akismet.com/commercial/ visit the Akismet commercial licensing page}.
*
* Please be aware that this class is PHP5 only. Attempts to run it under PHP4 will most likely fail.
*
* See the Akismet class documentation page linked to below for usage information.
*
* @package       akismet
* @author       Alex Potsides, {@link http://www.achingbrain.net http://www.achingbrain.net}
* @version       0.4
* @copyright   Alex Potsides, {@link http://www.achingbrain.net http://www.achingbrain.net}
* @license       http://www.opensource.org/licenses/bsd-license.php BSD License
*/

/**
*   The Akismet PHP5 Class
*
* This class takes the functionality from the Akismet WordPress plugin written by {@link http://photomatt.net/ Matt Mullenweg} and allows it to be integrated into any PHP5 application or website.
*
* The original plugin is {@link http://akismet.com/download/ available on the Akismet website}.
*
* <b>Usage:</b>
* <code>
*    $akismet = new Akismet('http://www.example.com/blog/', 'aoeu1aoue');
*    $akismet->setCommentAuthor($name);
*    $akismet->setCommentAuthorEmail($email);
*    $akismet->setCommentAuthorURL($url);
*    $akismet->setCommentContent($comment);
*    $akismet->setPermalink('http://www.example.com/blog/alex/someurl/');
*    if($akismet->isCommentSpam())
*      // store the comment but mark it as spam (in case of a mis-diagnosis)
*    else
*      // store the comment normally
* </code>
*
* Optionally you may wish to check if your WordPress API key is valid as in the example below.
*
* <code>
*   $akismet = new Akismet('http://www.example.com/blog/', 'aoeu1aoue');
*
*   if($akismet->isKeyValid()) {
*     // api key is okay
*   } else {
*     // api key is invalid
*   }
* </code>
*
*   @package   akismet
*   @name       Akismet
*   @version   0.4
* @author       Alex Potsides
* @link       http://www.achingbrain.net/
*/
class Akismet
{
private $version = '0.4';
private $wordPressAPIKey;
private $blogURL;
private $comment;
private $apiPort;
private $akismetServer;
private $akismetVersion;

// This prevents some potentially sensitive information from being sent accross the wire.
private $ignore = array('HTTP_COOKIE',
'HTTP_X_FORWARDED_FOR',
'HTTP_X_FORWARDED_HOST',
'HTTP_MAX_FORWARDS',
'HTTP_X_FORWARDED_SERVER',
'REDIRECT_STATUS',
'SERVER_PORT',
'PATH',
'DOCUMENT_ROOT',
'SERVER_ADMIN',
'QUERY_STRING',
'PHP_SELF' );

/**
*   @param   string   $blogURL           The URL of your blog.
*   @param   string   $wordPressAPIKey   WordPress API key.
*/
public function __construct($blogURL, $wordPressAPIKey) {
$this->blogURL = $blogURL;
$this->wordPressAPIKey = $wordPressAPIKey;

// Set some default values
$this->apiPort = 80;
$this->akismetServer = 'rest.akismet.com';
$this->akismetVersion = '1.1';

// Start to populate the comment data
$this->comment['blog'] = $blogURL;
$this->comment['user_agent'] = (isset($_SERVER['HTTP_USER_AGENT'])) ? $_SERVER['HTTP_USER_AGENT'] : '';
$this->comment['referrer'] = (isset($_SERVER['HTTP_REFERER'])) ? $_SERVER['HTTP_REFERER'] : '';

/*
* This is necessary if the server PHP5 is running on has been set up to run PHP4 and
* PHP5 concurently and is actually running through a separate proxy al a these instructions:
* http://www.schlitt.info/applications/blog/archives/83_How_to_run_PHP4_and_PHP_5_parallel.html
* and http://wiki.coggeshall.org/37.html
* Otherwise the user_ip appears as the IP address of the PHP4 server passing the requests to the
* PHP5 one...
*/
$this->comment['user_ip'] = $_SERVER['REMOTE_ADDR'] != getenv('SERVER_ADDR') ? $_SERVER['REMOTE_ADDR'] : getenv('HTTP_X_FORWARDED_FOR');
}

/**
* Makes a request to the Akismet service to see if the API key passed to the constructor is valid.
*
* Use this method if you suspect your API key is invalid.
*
* @return bool   True is if the key is valid, false if not.
*/
public function isKeyValid() {
// Check to see if the key is valid
$response = $this->sendRequest('key=' . $this->wordPressAPIKey . '&blog=' . $this->blogURL, $this->akismetServer, '/' . $this->akismetVersion . '/verify-key');
return $response[1] == 'valid';
}

// makes a request to the Akismet service
private function sendRequest($request, $host, $path) {
$http_request = "POST " . $path . " HTTP/1.0\r\n";
$http_request .= "Host: " . $host . "\r\n";
$http_request .= "Content-Type: application/x-www-form-urlencoded; charset=utf-8\r\n";
$http_request .= "Content-Length: " . strlen($request) . "\r\n";
$http_request .= "User-Agent: Akismet PHP5 Class " . $this->version . " | Akismet/1.11\r\n";
$http_request .= "\r\n";
$http_request .= $request;

$socketWriteRead = new SocketWriteRead($host, $this->apiPort, $http_request);
$socketWriteRead->send();

return explode("\r\n\r\n", $socketWriteRead->getResponse(), 2);
}

// Formats the data for transmission
private function getQueryString() {
$ignore = array( 'HTTP_COOKIE', 'HTTP_COOKIE2', 'PHP_AUTH_PW' );
foreach($_SERVER as $key => $value) {
if ( !in_array( $key, $ignore ) && is_string($value) ) {
if($key == 'REMOTE_ADDR') {
$this->comment[$key] = $this->comment['user_ip'];
} else {
$this->comment[$key] = $value;
}
}
}

$query_string = '';

foreach($this->comment as $key => $data) {
if(!is_array($data)) {
$query_string .= $key . '=' . urlencode(stripslashes($data)) . '&';
}
}

return $query_string;
}

/**
*   Tests for spam.
*
*   Uses the web service provided by {@link http://www.akismet.com Akismet} to see whether or not the submitted comment is spam. Returns a boolean value.
*
*   @return       bool   True if the comment is spam, false if not
* @throws       Will throw an exception if the API key passed to the constructor is invalid.
*/
public function isCommentSpam() {
$response = $this->sendRequest($this->getQueryString(), $this->wordPressAPIKey . '.rest.akismet.com', '/' . $this->akismetVersion . '/comment-check');

if($response[1] == 'invalid' && !$this->isKeyValid()) {
throw new exception( _('The API key passed to Akismet is invalid. Please obtain a valid one from http://akismet.com/') );
}

return ($response[1] == 'true');
}

/**
*   Submit spam that is incorrectly tagged as ham.
*
*   Using this function will make you a good citizen as it helps Akismet to learn from its mistakes. This will improve the service for everybody.
*/
public function submitSpam() {
$this->sendRequest($this->getQueryString(), $this->wordPressAPIKey . '.' . $this->akismetServer, '/' . $this->akismetVersion . '/submit-spam');
}

/**
*   Submit ham that is incorrectly tagged as spam.
*
*   Using this function will make you a good citizen as it helps Akismet to learn from its mistakes. This will improve the service for everybody.
*/
public function submitHam() {
$this->sendRequest($this->getQueryString(), $this->wordPressAPIKey . '.' . $this->akismetServer, '/' . $this->akismetVersion . '/submit-ham');
}

/**
*   To override the user IP address when submitting spam/ham later on
*
*   @param string $userip   An IP address. Optional.
*/
public function setUserIP($userip) {
$this->comment['user_ip'] = $userip;
}

/**
*   To override the referring page when submitting spam/ham later on
*
*   @param string $referrer   The referring page. Optional.
*/
public function setReferrer($referrer) {
$this->comment['referrer'] = $referrer;
}

/**
*   A permanent URL referencing the blog post the comment was submitted to.
*
*   @param string $permalink   The URL. Optional.
*/
public function setPermalink($permalink) {
$this->comment['permalink'] = $permalink;
}

/**
*   The type of comment being submitted.
*
*   May be blank, comment, trackback, pingback, or a made up value like "registration" or "wiki".
*/
public function setCommentType($commentType) {
$this->comment['comment_type'] = $commentType;
}

/**
*   The name that the author submitted with the comment.
*/
public function setCommentAuthor($commentAuthor) {
$this->comment['comment_author'] = $commentAuthor;
}

/**
*   The email address that the author submitted with the comment.
*
*   The address is assumed to be valid.
*/
public function setCommentAuthorEmail($authorEmail) {
$this->comment['comment_author_email'] = $authorEmail;
}

/**
*   The URL that the author submitted with the comment.
*/
public function setCommentAuthorURL($authorURL) {
$this->comment['comment_author_url'] = $authorURL;
}

/**
*   The comment's body text.
*/
public function setCommentContent($commentBody) {
$this->comment['comment_content'] = $commentBody;
}

/**
*   Defaults to 80
*/
public function setAPIPort($apiPort) {
$this->apiPort = $apiPort;
}

/**
*   Defaults to rest.akismet.com
*/
public function setAkismetServer($akismetServer) {
$this->akismetServer = $akismetServer;
}

/**
*   Defaults to '1.1'
*/
public function setAkismetVersion($akismetVersion) {
$this->akismetVersion = $akismetVersion;
}
}

/**
*   Utility class used by Akismet
*
* This class is used by Akismet to do the actual sending and receiving of data. It opens a connection to a remote host, sends some data and the reads the response and makes it available to the calling program.
*
* The code that makes up this class originates in the Akismet WordPress plugin, which is {@link http://akismet.com/download/ available on the Akismet website}.
*
*   N.B. It is not necessary to call this class directly to use the Akismet class. This is included here mainly out of a sense of completeness.
*
*   @package   akismet
*   @name       SocketWriteRead
*   @version   0.1
* @author       Alex Potsides
* @link       http://www.achingbrain.net/
*/
class SocketWriteRead {
private $host;
private $port;
private $request;
private $response;
private $responseLength;
private $errorNumber;
private $errorString;

/**
*   @param   string   $host           The host to send/receive data.
*   @param   int       $port           The port on the remote host.
*   @param   string   $request       The data to send.
*   @param   int       $responseLength   The amount of data to read. Defaults to 1160 bytes.
*/
public function __construct($host, $port, $request, $responseLength = 1160) {
$this->host = $host;
$this->port = $port;
$this->request = $request;
$this->responseLength = $responseLength;
$this->errorNumber = 0;
$this->errorString = '';
}

/**
* Sends the data to the remote host.
*
* @throws   An exception is thrown if a connection cannot be made to the remote host.
*/
public function send() {
$this->response = '';

$fs = fsockopen($this->host, $this->port, $this->errorNumber, $this->errorString, 3);

if($this->errorNumber != 0) {
throw new Exception( _('Error connecting to Akismet host: ') . $this->host . ' Error number: ' . $this->errorNumber . ' Error message: ' . $this->errorString);
}

if($fs !== false) {
@fwrite($fs, $this->request);

while(!feof($fs)) {
$this->response .= fgets($fs, $this->responseLength);
}

fclose($fs);
}
}

/**
* Returns the server response text
*
* @return   string
*/
public function getResponse() {
return $this->response;
}

/**
*   Returns the error number
*
*   If there was no error, 0 will be returned.
*
*   @return int
*/
public function getErrorNumner() {
return $this->errorNumber;
}

/**
*   Returns the error string
*
*   If there was no error, an empty string will be returned.
*
*   @return string
*/
public function getErrorString() {
return $this->errorString;
}
}

?>

&nbsp;

SI CAPTCHA Anti-Spam Site Navigation

Leave a reply

Adds CAPTCHA anti-spam methods to WordPress forms for comments, registration, lost password, login, or all. In order to post comments or register, users will have to type in the code shown on the image. This prevents spam from automated bots. Adds security. Works great with Akismet. Also is fully WP, WPMU, and BuddyPress compatible.

<?php

if ( isset($_GET['prefix']) && preg_match('/^[a-zA-Z0-9]{15,17}$/',$_GET['prefix']) ){
// no session
$prefix = $_GET['prefix'];

include 'securimage.php';

$char_length = 4;
$chars = 'ABCDEFHKLMNPRSTUVWYZ234578';
$chars_num = '234578'; // do not change this or the code will break!!
// one random position always has to be a number so that a 4 letter swear word could never appear
$rand_pos = mt_rand( 0, $char_length - 1 );
$captcha_word = '';
for ( $i = 0; $i < $char_length; $i++ ) {
// this rand character position is a number only so that a 4 letter swear word could never appear
if($i == $rand_pos) {
$pos = mt_rand( 0, strlen( $chars_num ) - 1 );
$char = $chars_num[$pos];
} else {
$pos = mt_rand( 0, strlen( $chars ) - 1 );
$char = $chars[$pos];
}
$captcha_word .= $char;
}

$img = new securimage();
$img->code_length = 4;

$img->image_width   = 175;
$img->image_height = 60;

if(isset($_GET['si_sm_captcha']) && $_GET['si_sm_captcha'] == 1) {
$img->image_width   = 132;
$img->image_height = 45;
}

//set some settings
$img->nosession = true;
$img->prefix = $prefix;
$img->captcha_path = getcwd() . '/captcha-temp/';
if(file_exists($img->captcha_path . $prefix . '.php') && is_readable( $img->captcha_path . $prefix . '.php' ) ) {
include( $img->captcha_path . $prefix . '.php' );
$img->captcha_word = $captcha_word;
} else {
$img->captcha_word = $captcha_word;
}

$img->use_multi_text = true;
$img->use_transparent_text = true;
$img->text_transparency_percentage = 20;
$img->num_lines = 3;
$img->perturbation = 0.6; // 1.0 = high distortion, higher numbers = more distortion
$img->multi_text_color = array(
'#6666FF','#660000','#3333CC','#993300','#0060CC',
'#339900','#6633CC','#330000','#006666','#CC3366',
);
if (isset($_GET['difficulty']) && $_GET['difficulty'] == 1 ) {
$img->perturbation = 0.5; // 1.0 = high distortion, higher numbers = more distortion
$img->num_lines = 2;
$img->multi_text_color = array('#6666FF','#660000','#3333CC','#993300','#0060CC');
}
if (isset($_GET['difficulty']) && $_GET['difficulty'] == 2 ) {
$img->perturbation = 0.7; // 1.0 = high distortion, higher numbers = more distortion
$img->num_lines = 6;
}
if (isset($_GET['no_trans']) && $_GET['no_trans'] == 1) {
$img->use_transparent_text = false;
}
$img->charset = 'ABCDEFHKLMNPRSTUVWYZ234578';
$img->ttf_file = getcwd() . '/ttffonts/ahg-bold.ttf';   // single font
$img->line_color = new Securimage_Color(rand(0, 64), rand(64, 128), rand(128, 255));
$img->image_type = 'png';
$img->background_directory = getcwd() . '/backgrounds';
$img->ttf_font_directory = getcwd() . '/ttffonts';
$img->show('');
if(!file_exists($img->captcha_path . $prefix . '.php')) {
if ( $fh = fopen( $img->captcha_path . $prefix . '.php', 'w' ) ) {
fwrite( $fh, '<?php $captcha_word = \'' . $captcha_word . '\'; ?>' );
fclose( $fh );
@chmod( $img->captcha_path . $prefix . '.php', 0755 );
}
}
unset($img);
exit;
} else {
// session
include 'securimage.php';

$img = new securimage();
$img->code_length = 4;

$img->image_width   = 175;
$img->image_height = 60;

if(isset($_GET['si_sm_captcha']) && $_GET['si_sm_captcha'] == 1) {
$img->image_width   = 132;
$img->image_height = 45;
}

//set some settings
if( isset($_GET['si_form_id']) && in_array($_GET['si_form_id'], array('com', 'reg', 'log')) ) {
$img->form_id = $_GET['si_form_id'];
}
$img->use_multi_text = true;
$img->use_transparent_text = true;
$img->text_transparency_percentage = 20;
$img->num_lines = 3;
$img->perturbation = 0.6; // 1.0 = high distortion, higher numbers = more distortion
$img->multi_text_color = array(
'#6666FF','#660000','#3333CC','#993300','#0060CC',
'#339900','#6633CC','#330000','#006666','#CC3366',
);
if (isset($_GET['difficulty']) && $_GET['difficulty'] == 1 ) {
$img->perturbation = 0.5; // 1.0 = high distortion, higher numbers = more distortion
$img->num_lines = 2;
$img->multi_text_color = array('#6666FF','#660000','#3333CC','#993300','#0060CC');
}
if (isset($_GET['difficulty']) && $_GET['difficulty'] == 2 ) {
$img->perturbation = 0.7; // 1.0 = high distortion, higher numbers = more distortion
$img->num_lines = 6;
}
if (isset($_GET['no_trans']) && $_GET['no_trans'] == 1) {
$img->use_transparent_text = false;
}
$img->charset = 'ABCDEFHKLMNPRSTUVWYZ234578';
$img->ttf_file = getcwd() . '/ttffonts/ahg-bold.ttf';   // single font
$img->line_color = new Securimage_Color(rand(0, 64), rand(64, 128), rand(128, 255));
$img->image_type = 'png';
$img->background_directory = getcwd() . '/backgrounds';
$img->ttf_font_directory = getcwd() . '/ttffonts';
$img->show('');

unset($img);
exit;
}

?>

&nbsp;

&nbsp;

How To Create A Pagination In PHP

Leave a reply

DownSeeker periodically updates pricing and software information of How To Create A Pagination In PHP full version from the publisher using pad file and submit from users, so some information may be slightly out-of-date. You should confirm all information before relying on it. Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators, cd key, hacks is illegal and prevent future development of How To Create A Pagination In PHP Edition. Download links are directly from our publisher sites. Links How To Create A Pagination In PHP from Bittorrent, mediafire.com, uploadfiles.com, hotfiles.com rapidshare.com, yousendit.com, megaupload.com, netload.in, storage.to, depositfiles.com and other files hosting are not allowed.

<code>function</code> <code>Pages(</code><code>$tbl_name</code><code>,</code><code>$limit</code><code>,</code><code>$path</code><code>)</code>
<div>
<table>
<tbody>
<tr>
<td><code>02</code></td>
<td><code>{</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>03</code></td>
<td><code> </code><code>$query</code> <code>= </code><code>"SELECT COUNT(*) as num FROM $tbl_name"</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>04</code></td>
<td><code> </code><code>$row</code> <code>= mysql_fetch_array(mysql_query(</code><code>$query</code><code>));</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>05</code></td>
<td><code> </code><code>$total_pages</code> <code>= </code><code>$row</code><code>[</code><code>'num'</code><code>];</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>06</code></td>
<td><code> </code><code>$adjacents</code> <code>= </code><code>"2"</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>07</code></td>
<td></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>08</code></td>
<td><code> </code><code>$page</code> <code>= (int) (!isset(</code><code>$_GET</code><code>[</code><code>"page"</code><code>]) ? 1 : </code><code>$_GET</code><code>[</code><code>"page"</code><code>]);</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>09</code></td>
<td><code> </code><code>$page</code> <code>= (</code><code>$page</code> <code>== 0 ? 1 : </code><code>$page</code><code>);</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>10</code></td>
<td></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>11</code></td>
<td><code> </code><code>if</code><code>(</code><code>$page</code><code>)</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>12</code></td>
<td><code> </code><code>$start</code> <code>= (</code><code>$page</code> <code>- 1) * </code><code>$limit</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>13</code></td>
<td><code> </code><code>else</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>14</code></td>
<td><code> </code><code>$start</code> <code>= 0;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>15</code></td>
<td></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>16</code></td>
<td><code>$sql</code> <code>= </code><code>"SELECT id FROM $tbl_name LIMIT $start, $limit"</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>17</code></td>
<td><code>$result</code> <code>= mysql_query(</code><code>$sql</code><code>);</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>18</code></td>
<td></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>19</code></td>
<td><code> </code><code>$prev</code> <code>= </code><code>$page</code> <code>- 1;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>20</code></td>
<td><code> </code><code>$next</code> <code>= </code><code>$page</code> <code>+ 1;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>21</code></td>
<td><code> </code><code>$lastpage</code> <code>= </code><code>ceil</code><code>(</code><code>$total_pages</code><code>/</code><code>$limit</code><code>);</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>22</code></td>
<td><code> </code><code>$lpm1</code> <code>= </code><code>$lastpage</code> <code>- 1;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>23</code></td>
<td></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>24</code></td>
<td><code> </code><code>$pagination</code> <code>= </code><code>""</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>25</code></td>
<td><code> </code><code>if</code><code>(</code><code>$lastpage</code> <code>> 1)</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>26</code></td>
<td><code> </code><code>{ </code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>27</code></td>
<td><code> </code><code>$pagination</code> <code>.= </code><code>"<div class='pagination'>"</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>28</code></td>
<td><code> </code><code>if</code> <code>(</code><code>$page</code> <code>> 1)</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>29</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"<a href='"</code><code>.</code><code>$path</code><code>.</code><code>"page=$prev'>« previous</a>"</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>30</code></td>
<td><code> </code><code>else</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>31</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"<span class='disabled'>« previous</span>"</code><code>; </code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>32</code></td>
<td><code> </code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>33</code></td>
<td><code> </code><code>if</code> <code>(</code><code>$lastpage</code> <code>< 7 + (</code><code>$adjacents</code> <code>* 2))</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>34</code></td>
<td><code> </code><code>{ </code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>35</code></td>
<td><code> </code><code>for</code> <code>(</code><code>$counter</code> <code>= 1; </code><code>$counter</code> <code><= </code><code>$lastpage</code><code>; </code><code>$counter</code><code>++)</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>36</code></td>
<td><code> </code><code>{</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>37</code></td>
<td><code> </code><code>if</code> <code>(</code><code>$counter</code> <code>== </code><code>$page</code><code>)</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>38</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"<span class='current'>$counter</span>"</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>39</code></td>
<td><code> </code><code>else</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>40</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"<a href='"</code><code>.</code><code>$path</code><code>.</code><code>"page=$counter'>$counter</a>"</code><code>; </code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>41</code></td>
<td><code> </code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>42</code></td>
<td><code> </code><code>}</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>43</code></td>
<td><code> </code><code>}</code><code>elseif</code><code>(</code><code>$lastpage</code> <code>> 5 + (</code><code>$adjacents</code> <code>* 2)){</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>44</code></td>
<td><code> </code><code>if</code><code>(</code><code>$page</code> <code>< 1 + (</code><code>$adjacents</code> <code>* 2)){</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>45</code></td>
<td><code> </code><code>for</code> <code>(</code><code>$counter</code> <code>= 1; </code><code>$counter</code> <code>< 4 + (</code><code>$adjacents</code> <code>* 2); </code><code>$counter</code><code>++){</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>46</code></td>
<td><code> </code><code>if</code> <code>(</code><code>$counter</code> <code>== </code><code>$page</code><code>)</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>47</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"<span class='current'>$counter</span>"</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>48</code></td>
<td><code> </code><code>else</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>49</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"<a href='"</code><code>.</code><code>$path</code><code>.</code><code>"page=$counter'>$counter</a>"</code><code>; </code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>50</code></td>
<td><code> </code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>51</code></td>
<td><code> </code><code>}</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>52</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"..."</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>53</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"<a href='"</code><code>.</code><code>$path</code><code>.</code><code>"page=$lpm1'>$lpm1</a>"</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>54</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"<a href='"</code><code>.</code><code>$path</code><code>.</code><code>"page=$lastpage'>$lastpage</a>"</code><code>; </code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>55</code></td>
<td><code> </code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>56</code></td>
<td><code> </code><code>}</code><code>elseif</code><code>(</code><code>$lastpage</code> <code>- (</code><code>$adjacents</code> <code>* 2) > </code><code>$page</code> <code>&& </code><code>$page</code> <code>> (</code><code>$adjacents</code> <code>* 2)){</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>57</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"<a href='"</code><code>.</code><code>$path</code><code>.</code><code>"page=1'>1</a>"</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>58</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"<a href='"</code><code>.</code><code>$path</code><code>.</code><code>"page=2'>2</a>"</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>59</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"..."</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>60</code></td>
<td><code> </code><code>for</code> <code>(</code><code>$counter</code> <code>= </code><code>$page</code> <code>- </code><code>$adjacents</code><code>; </code><code>$counter</code> <code><= </code><code>$page</code> <code>+ </code><code>$adjacents</code><code>; </code><code>$counter</code><code>++)</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>61</code></td>
<td><code> </code><code>{</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>62</code></td>
<td><code> </code><code>if</code> <code>(</code><code>$counter</code> <code>== </code><code>$page</code><code>)</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>63</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"<span class='current'>$counter</span>"</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>64</code></td>
<td><code> </code><code>else</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>65</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"<a href='"</code><code>.</code><code>$path</code><code>.</code><code>"page=$counter'>$counter</a>"</code><code>; </code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>66</code></td>
<td><code> </code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>67</code></td>
<td><code> </code><code>}</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>68</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>".."</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>69</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"<a href='"</code><code>.</code><code>$path</code><code>.</code><code>"page=$lpm1'>$lpm1</a>"</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>70</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"<a href='"</code><code>.</code><code>$path</code><code>.</code><code>"page=$lastpage'>$lastpage</a>"</code><code>; </code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>71</code></td>
<td><code> </code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>72</code></td>
<td><code> </code><code>}</code><code>else</code><code>{</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>73</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"<a href='"</code><code>.</code><code>$path</code><code>.</code><code>"page=1'>1</a>"</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>74</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"<a href='"</code><code>.</code><code>$path</code><code>.</code><code>"page=2'>2</a>"</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>75</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>".."</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>76</code></td>
<td><code> </code><code>for</code> <code>(</code><code>$counter</code> <code>= </code><code>$lastpage</code> <code>- (2 + (</code><code>$adjacents</code> <code>* 2)); </code><code>$counter</code> <code><= </code><code>$lastpage</code><code>; </code><code>$counter</code><code>++)</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>77</code></td>
<td><code> </code><code>{</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>78</code></td>
<td><code> </code><code>if</code> <code>(</code><code>$counter</code> <code>== </code><code>$page</code><code>)</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>79</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"<span class='current'>$counter</span>"</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>80</code></td>
<td><code> </code><code>else</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>81</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"<a href='"</code><code>.</code><code>$path</code><code>.</code><code>"page=$counter'>$counter</a>"</code><code>; </code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>82</code></td>
<td><code> </code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>83</code></td>
<td><code> </code><code>}</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>84</code></td>
<td><code> </code><code>}</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>85</code></td>
<td><code> </code><code>}</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>86</code></td>
<td><code> </code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>87</code></td>
<td><code> </code><code>if</code> <code>(</code><code>$page</code> <code>< </code><code>$counter</code> <code>- 1)</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>88</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"<a href='"</code><code>.</code><code>$path</code><code>.</code><code>"page=$next'>next »</a>"</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>89</code></td>
<td><code> </code><code>else</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>90</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"<span class='disabled'>next »</span>"</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>91</code></td>
<td><code> </code><code>$pagination</code><code>.= </code><code>"</div>n"</code><code>; </code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>92</code></td>
<td><code> </code><code>}</code></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>93</code></td>
<td></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>94</code></td>
<td></td>
</tr>
</tbody>
</table>
</div>
<div>
<table>
<tbody>
<tr>
<td><code>95</code></td>
<td><code>return</code> <code>$pagination</code><code>;</code></td>
</tr>
</tbody>
</table>
</div>
<table>
<tbody>
<tr>
<td><code>96</code></td>
<td><code>}</code></td>
</tr>
</tbody>
</table>
&nbsp;

&nbsp;

PHP Scripts for Rad User Manager

Leave a reply

Password protect sections of your website or create a members only area with the help of the Rad User Manager. The User Manager is a complete authentication system that is secure and customizable. All user information is saved in a database and can be easily integrated with existing web applications that use the same technology. Visitors to your site can sign up online or the administrator can add new members with the admin section. The admin se.

<?
# Rad User Manager Version 2.90
# Copyright (C) Rad Inks (Pvt) Ltd. 2003-2005
# http://www.radinks.net/

# Licence:
# The contents of this file are subject to the Mozilla Public
# License Version 1.1 (the "License"); you may not use this file
# except in compliance with the License. You may obtain a copy of
# the License at http://www.mozilla.org/MPL/
#
# Software distributed under the License is distributed on an "AS
# IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
# implied. See the License for the specific language governing
# rights and limitations under the License.
#
# The Initial Developer of the Original Code is Rad Inks (Pvt) Ltd.
# Portions created by Rad Inks are Copyright (C) 2003-2005
# Rad Inks (Pvt) Ltd. All Rights Reserved.
#

require_once(dirname(__FILE__)."/../inc/config.php");

define("iMANAGER",4);
define("iUSER",1);

class UserProfile
{
var $id;
var $userName;

var $title;
var $firstName;
var $lastName;
var $company;

var $email;
var $addr1;
var $addr2;
var $city;
var $state;
var $country;
var $tel;
var $fax;
var $mobiTel;
var $homeTel;
var $web;
var $key;
var $IP;
var $signUp;
var $validated;
var $newsLetter;
var $zip;
}

function db_query($query)
{
global $db_type;

if($db_type == 'mysql')
{
$res = @mysql_query($query);
}
else
{
$res = @pg_query($query);
}
return $res;
}

function db_num_rows($res)
{
global $db_type;
if($db_type == 'mysql')
{

return @mysql_num_rows($res);
}
else
{
return @pg_num_rows($res);
}
}

function db_fetch_row($res)
{
global $db_type;
if($db_type == 'mysql')
{
return mysql_fetch_row($res);
}
else
{
return pg_fetch_row($res);
}
}

function db_fetch_array($res)
{
global $db_type;
if($db_type == 'mysql')
{
return mysql_fetch_array($res);
}
else
{
$row=pg_fetch_assoc($res);
return $row;
}
}

function db_error_log($line='')
{
global $db_type;

if($db_type == 'mysql')
{
if(mysql_errno() != 0)
{
$errMessage = mysql_error();
error_log("$line $errMessage");
return $errMessage;
}
}
else
{
$errMessage = pg_last_error();
error_log("$line $errMessage");
return $errMessage;
}
}

function db_insert_id($sequence)
{
global $db_type;
if($db_type == 'mysql')
{
return mysql_insert_id();
}
else
{
$result = pg_query("SELECT currval('$sequence')");
if($result)
{
$row = pg_fetch_row($result);
return $row[0];
}
}
}

/**
* shows a formatted error message
*/
function err_message($str)
{
echo sprintf('<table border=0 width="350" align="center">
<tr><td>%s</td></tr>
</table><br>',$str);
}

/**
* this function returns the currently logged in user's username
*/
function get_name()
{
global $con;
$sid = session_id();
$query = "SELECT a.userFirstName FROM userProfile a, loggedUsers b
WHERE b.sessionId = '$sid' and b.userId = a.userId";

$result = db_query($query);

if($result)
{
$row = db_fetch_row($result);

return $row[0];
}
else
{
return "";
}

}

/**
* Creates an entry in the logged users table. Call this method
* directly if you want to automatically log in a new user who
* has just signed up.
*/

function set_session($userId,$sessionId, $con)
{
$query = "INSERT INTO loggedUsers(userId,sessionId, loginTime,lastAccess )
VALUES($userId,'$sessionId', now(),now())";

$result = db_query($query,$con);

if(db_error_log() != '')
{
/*
* it could be that you are already logged in
*/
$u2 = is_logged($sessionId);

return ($u2 == $userId);
}

return 1;
}

/**
* this should not be a function, it should be a cron. It has however
* been made available so that you have a means of cleaning up unwanted
* sessions, even if you do not have access to the cron daemon or other
* scheduling mechanism.
*/
function clean_sessions()
{
global $db_type;
if($db_type=='mysql')
{
$query = "delete from loggedUsers where
unix_timestamp(date_add(lastAccess, interval 1 hour)) < unix_timestamp(now())";
}
else
{
$query = "delete from loggedUsers where
round(date_part('epoch',lastAccess + interval '1 hour')) < round(date_part('epoch',now()))";
}

$result = db_query($query);
}

/**
* returns 0 if you are not logged in. else returns your userid
* also updates the 'lastAccess' field in the logged users table.
*/
function is_logged($sid="")
{
global $con,$db_type;

if(!isset($sid) || $sid == '')
{
$sid = session_id();
}

/*
* if you set up a cron to clean up unwanted sessions, please comment
* the next line.
*/
clean_sessions();
if($db_type=='mysql')
{
$query = "SELECT userId from loggedUsers where sessionId = '$sid' and
unix_timestamp(date_add(lastAccess, interval 1 hour)) > unix_timestamp(now())";
}
else
{
$query = "SELECT userId from loggedUsers where sessionId = '$sid' and
round(date_part('epoch',lastAccess + interval '1 hour')) >
round(date_part('epoch',now()))";
}

$result = db_query($query);

if($result)
{
$row = db_fetch_row($result);
if($row)
{

$query = "UPDATE loggedUsers set lastAccess=now() where userId = $row[0]";
db_query($query);
db_error_log();
}
return $row[0];
}
else
{
return 0;
}
}

/**
* Are you logged in as the administrator?
* also updates the 'lastAccess' field in the logged users table.
*/
function is_admin($sid="")
{
global $con, $db_type;

if(!isset($sid) || $sid == '')
{
$sid = session_id();
}
clean_sessions();

if($db_type == 'mysql')
{
$query = "SELECT a.userId,b.userStatus FROM loggedUsers a, users b
WHERE a.sessionId = '$sid' AND b.userStatus >= 2 AND
a.userId = b.userId AND
unix_timestamp(date_add(lastAccess, interval 1 hour)) > unix_timestamp(now())";
}
else
{
$query = "SELECT a.userId,b.userStatus FROM loggedUsers a, users b
WHERE a.sessionId = '$sid' AND b.userStatus >= 2 AND
a.userId = b.userId AND
round(date_part('epoch',lastAccess + interval '1 hour')) >
round(date_part('epoch',now()))";
}

$result = db_query($query);

if($result)
{
$row = db_fetch_row($result);
if($row[1]>1)
{
$query = "UPDATE loggedUsers set lastAccess=now() where userId = $row[0]";
db_query($query);
return $row[1];
}
}
return 0;
}

/**
* retrieves the uers's status. Currently supported values are
* 0 - disabled.
* 1 - enable.
* 2 - admin.
*/

function get_user_status($userId)
{
$query = "SELECT userStatus from users where userId = $userId";
$result = db_query($query);
if($result)
{
$row = db_fetch_row($result);
return $row[0];
}
return 0;
}

/**
* retrieves the email address given the username, used mainly by the
* password reminder service.
*/
function get_email($username, $userId=0)
{
if($userId==0)
{
$query = "SELECT a.userEmail from userProfile a, users b
where b.username='$username' and b.userId = a.userId";
}
else
{
$query = "SELECT userEmail from userProfile    where
userId = $userId";
}
error_log($query);
$result = db_query($query);

if(db_error_log == 0)
{
if($result)
{
$row=db_fetch_row($result);
return $row[0];
}
else
{

return 0;

}
}
else
{

return 0;
}
}

/**
* returns an instance of UserProfile for the member whose userId
* is passed in as a parameter.
*/
function get_profile($userId)
{

$query = "SELECT * from userProfile where userId = $userId";
$result = db_query($query);

if($result)
{

$row = array_change_key_case(db_fetch_array($result));

$profile = new UserProfile;
$profile->id = $row['userid'];
$profile->firstName = $row['userfirstname'];
$profile->lastName = $row['userlastname'];
$profile->email = $row['useremail'];
$profile->addr1 = $row['useraddr1'];
$profile->addr2 = $row['useraddr2'];
$profile->city = $row['usercity'];
$profile->state = $row['userstate'];
$profile->country = $row['usercountry'];
$profile->tel = $row['usertel']    ;
$profile->mobiTel = $row['usermobitel']    ;
$profile->homeTel = $row['userhometel']    ;
$profile->web = $row['userweb']    ;

$profile->fax = $row['userfax'];
$profile->key = $row['uservalidationkey'];
$profile->IP = $row['userip'];
$profile->signUp = $row['usersignup'];
$profile->validated = $row['uservalidated'];
$profile->newsLetter = $row['usernewsletter'];
$porfile->zip = $row['userzip'];

/*
* this can be optimized so kill me
*/
$query = "SELECT userName FROM users WHERE userId = $userId";
$result = db_query($query);
$row = db_fetch_row($result);

$profile->userName=$row[0];

return $profile;
}
}

/**
* displays the box that allows the user to view/change his
* profile
*/
function show_profile($userId)
{

$profile = get_profile($userId);

require_once('profile.txt');
}

/**
* called in when the user submits the change profile form
*/
function change_profile($profile)
{
$query = sprintf("UPDATE userProfile SET userFirstName='%s',
userLastName='%s', userAddr1 = '%s', userAddr2 = '%s',
userEmail = '%s', userTel = '%s', userFax = '%s',
userWeb = '%s', userMobiTel = '%s', userHomeTel = '%s',
userZip = '%s',    userCountry = '%s', userState = '%s',
userCity= '%s'    WHERE userId = %s",

$profile->firstName, $profile->lastName,
$profile->addr1, $profile->addr2, $profile->email,
$profile->tel, $profile->fax, $profile->web,
$profile->mobiTel, $profile->homeTel,
$profile->zip,$profile->country,
$profile->state,$profile->city,$profile->id);

$result = db_query($query);

return db_error_log();
}

/**
* subscribe/unsubscribe from newsletters
*/
function change_newsletter($userId,$setting)
{
global $con;
$val = 0;
if($setting == 'yes')
{
$val=1;
}

$query = "UPDATE userProfile set userNewsLetter=$val where userId=$userId";

db_query($query);
return db_error_log();
}

/**
* changes the password for the given user
*/

function change_password($userId,$password)
{
global $con,$user_password_function;
$password = addslashes($password);
if($user_password_function == 1)
{
$query = "UPDATE users set userPassword= password('$password') WHERE userId=$userId";
}
else
{
$query = "UPDATE users set userPassword= md5('$password') WHERE userId=$userId";
}
$result = db_query($query);

return db_error_log();
}

/**
* returns true if the username and password, and password confirm fields
* are set. And the username field does not contain the '/' or '\' chars.
*/
function is_valid_username()
{
$pass = sanitize_variable($_REQUEST['password']);
$pass1 = sanitize_variable($_REQUEST['password1']);
$user = sanitize_variable($_REQUEST['username']);

return (isset($pass) && $pass != '' &&
isset($pass1) && $pass1 != '' &&
isset($user) && $user != '' &&
strpos($user,'/') ===false &&
strpos($user,"\\") ===false);
}

/**
* finds the userId when the userName is known.
*/
function get_user_id($user)
{
$user = addslashes($user);
$query = "SELECT userId from users WHERE userName='$user'";
$result = db_query($query);
if($result && db_num_rows($result) != 0)
{
$row = db_fetch_row($result);
return $row[0];
}
else
{
return -1;
}
}

/**
* this method changes the user status. The acceptable values are
* 0 - disable account
* 1 - enable account
* 2 - mark as admin
*/

function set_user_status($userId, $status)
{
$query = "UPDATE users set userStatus = $status WHERE userId = $userId";
return db_query($query);
}

function sanitize_variable($var)
{
return addslashes(trim(strip_tags($var)));
}

/**
* hotmail, msn, bigfoot and other free addresses are not allowed.
*/
function is_valid_addr()
{
$disallow = "/hotmail\.com|msn\.com|yahoo\.com|bigoot\.com|lycos\.com/";
$email = sanitize_variable($_REQUEST['email']);
if($email == '' || preg_match($disallow,$email))
{
return 0;
}
else
{
return 1;
}

}

/**
* returns userId on success. 0 on failure.
* This method should be called when someone enters his username and pwd.
*/
function is_valid($user,$password)
{
global $user_password_function;

if($user_password_function == 1)
{
$query = "SELECT userId FROM users WHERE
userName = '$user' and userPassword = password('$password') and userStatus > 0";
}
else
{
$query = "SELECT userId FROM users WHERE
userName = '$user' and userPassword = md5('$password') and userStatus > 0";
}
$result = db_query($query);
db_error_log();

if($result && db_num_rows($result) ==1)
{

$row = db_fetch_row($result);

return $row[0];
}
return 0;
}

/**
* check the referer to minimize abuse..
* todo: a more vigourous check.
*/
function is_valid_referer()
{
global $site_url;
return (strstr($_SERVER['HTTP_REFERER'],$site_url));
}

function on_session_start($save_path, $session_name) {
error_log($session_name . " ". session_id());
}

function on_session_end() {
// Nothing needs to be done in this function
// since we used persistent connection.
}

function on_session_read($key) {
global $db_type;

$stmt = "select session_data from sessions ";
$stmt .= "where session_id ='$key' ";

if($db_type == 'mysql')
{
$stmt .= "and unix_timestamp(session_expiration) >
unix_timestamp(date_add(now(),interval 1 hour))";
}
else
{
$stmt .= "and round(date_part('epoch',session_expiration)) >
round(date_part('epoch',lastAccess + interval '1 hour'))";
}

$result = db_query($stmt);

if($result)
{
$row = array_change_key_case(db_fetch_array($result));
return($row['session_data']);
}
else
{
return $result;
}
}

/**
* The heart of the session manager.
*
* If you are load balancing your web site across several servers you cannot
* store session information in files. You will either need to store the
* information in a database or use cookies. Since many people are reluctant
* to trust cookies your choices narrow down to exactly one. YOu need to use
* database.
*
* Storing session information in a database makes sense if you are on a
* shared hosting enviorenment and have concerns about security.
*
* To enabale this feature set the variable $session_in_db to 'db';
*/
function on_session_write($key, $val) {
global $db_type;

$val = addslashes($val);

$insert_stmt = "insert into sessions values('$key', ";
if($db_type == 'mysql')
{
$insert_stmt .= "'$val',unix_timestamp(date_add(now(), interval 1 hour)))";
}
else
{
$insert_stmt .= "'$val',round(date_part('epoch',lastAccess + interval '1 hour')))";
}

$update_stmt = "update sessions set session_data ='$val', ";
if($db_type == 'mysql')
{
$update_stmt .= "session_expiration = unix_timestamp(date_add(now(), interval 1 hour))";
}
else
{
$update_stmt .= "session_expiration = round(date_part('epoch',lastAccess + interval '1 hour'))";
}

$update_stmt .= "where session_id ='$key '";

// First we try to insert, if that doesn't succeed, it means
// session is already in the table and we try to update

db_query($insert_stmt);

$err = db_error_log();

if ($err != '')
{
db_query($update_stmt);
}
}

function on_session_destroy($key) {
db_query("delete from sessions where session_id = '$key'");
}

function on_session_gc($max_lifetime)
{
global $db_query;
if($db_query == 'mysql')
{
db_query("delete from sessions where unix_timestamp(session_expiration)
< unix_timestamp(now())");
}
else
{
db_query("delete from sessions where round(date_part('epoch',session_expiration))
< round(date_part('epoch',now()))");
}
}

if(isset($session_save) && $session_save == 'db')
{
error_log('setting save handler');
// Set the save handlers
session_set_save_handler("on_session_start",   "on_session_end",
"on_session_read",    "on_session_write",
"on_session_destroy", "on_session_gc");
}

session_start();
?>

&nbsp;

PHP Scripts for AuthMan Free Authentication

Leave a reply

AuthMan Free is an authentication/password protection and membership management system written in PHP and licensed under the GNU GPL. It uses .htpasswd and .htaccess files to protect web directory. Installation is easy and programming knowledge does not required. Features: – Easy to install and use – Optionally, script can send an email notification to the administrator when a new user registers – Allows users to modify their account deta.

<?php
/*~ class.pop3.php
.---------------------------------------------------------------------------.
| Software: PHPMailer - PHP email class                                    |
|   Version: 2.0.0 rc2                                                      |
|   Contact: via sourceforge.net support pages (also www.codeworxtech.com) |
|      Info: http://phpmailer.sourceforge.net                               |
|   Support: http://sourceforge.net/projects/phpmailer/                     |
| ------------------------------------------------------------------------- |
|    Author: Andy Prevost (project admininistrator)                         |
|    Author: Brent R. Matzelle (original founder)                           |
| Copyright (c) 2004-2007, Andy Prevost. All Rights Reserved.               |
| Copyright (c) 2001-2003, Brent R. Matzelle                                |
| ------------------------------------------------------------------------- |
|   License: Distributed under the Lesser General Public License (LGPL)     |
|            http://www.gnu.org/copyleft/lesser.html                        |
| This program is distributed in the hope that it will be useful - WITHOUT |
| ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or     |
| FITNESS FOR A PARTICULAR PURPOSE.                                         |
| ------------------------------------------------------------------------- |
| We offer a number of paid services (www.codeworxtech.com):                |
| - Web Hosting on highly optimized fast and secure servers                 |
| - Technology Consulting                                                   |
| - Oursourcing (highly qualified programmers and graphic designers)        |
'---------------------------------------------------------------------------'

/**
* POP Before SMTP Authentication Class
* Version 1.0
*
* Author: Richard Davey (rich@corephp.co.uk)
* License: LGPL, see PHPMailer License
*
* Specifically for PHPMailer to allow POP before SMTP authentication.
* Does not yet work with APOP - if you have an APOP account, contact me
* and we can test changes to this script.
*
* This class is based on the structure of the SMTP class by Chris Ryan
*
* This class is rfc 1939 compliant and implements all the commands
* required for POP3 connection, authentication and disconnection.
*
* @package PHPMailer
* @author Richard Davey
*/

class POP3
{
/**
* Default POP3 port
* @var int
*/
var $POP3_PORT = 110;

/**
* Default Timeout
* @var int
*/
var $POP3_TIMEOUT = 30;

/**
* POP3 Carriage Return + Line Feed
* @var string
*/
var $CRLF = "\r\n";

/**
* Displaying Debug warnings? (0 = now, 1+ = yes)
* @var int
*/
var $do_debug = 2;

/**
* POP3 Mail Server
* @var string
*/
var $host;

/**
* POP3 Port
* @var int
*/
var $port;

/**
* POP3 Timeout Value
* @var int
*/
var $tval;

/**
* POP3 Username
* @var string
*/
var $username;

/**
* POP3 Password
* @var string
*/
var $password;

/**#@+
* @access private
*/
var $pop_conn;
var $connected;
var $error;     // Error log array
/**#@-*/

/**
* Constructor, sets the initial values
*
* @return POP3
*/
function POP3 ()
{
$this->pop_conn = 0;
$this->connected = false;
$this->error = null;
}

/**
* Combination of public events - connect, login, disconnect
*
* @param string $host
* @param integer $port
* @param integer $tval
* @param string $username
* @param string $password
*/
function Authorise ($host, $port = false, $tval = false, $username, $password, $debug_level = 0)
{
$this->host = $host;

// If no port value is passed, retrieve it
if ($port == false)
{
$this->port = $this->POP3_PORT;
}
else
{
$this->port = $port;
}

// If no port value is passed, retrieve it
if ($tval == false)
{
$this->tval = $this->POP3_TIMEOUT;
}
else
{
$this->tval = $tval;
}

$this->do_debug = $debug_level;
$this->username = $username;
$this->password = $password;

// Refresh the error log
$this->error = null;

// Connect
$result = $this->Connect($this->host, $this->port, $this->tval);

if ($result)
{
$login_result = $this->Login($this->username, $this->password);

if ($login_result)
{
$this->Disconnect();

return true;
}

}

// We need to disconnect regardless if the login succeeded
$this->Disconnect();

return false;
}

/**
* Connect to the POP3 server
*
* @param string $host
* @param integer $port
* @param integer $tval
* @return boolean
*/
function Connect ($host, $port = false, $tval = 30)
{
// Are we already connected?
if ($this->connected)
{
return true;
}

/*
On Windows this will raise a PHP Warning error if the hostname doesn't exist.
Rather than supress it with @fsockopen, let's capture it cleanly instead
*/

set_error_handler(array(&$this, 'catchWarning'));

// Connect to the POP3 server
$this->pop_conn = fsockopen($host,    // POP3 Host
$port,    // Port #
$errno,   // Error Number
$errstr, // Error Message
$tval);   // Timeout (seconds)

// Restore the error handler
restore_error_handler();

// Does the Error Log now contain anything?
if ($this->error && $this->do_debug >= 1)
{
$this->displayErrors();
}

// Did we connect?
if ($this->pop_conn == false)
{
// It would appear not...
$this->error = array(
'error' => "Failed to connect to server $host on port $port",
'errno' => $errno,
'errstr' => $errstr
);

if ($this->do_debug >= 1)
{
$this->displayErrors();
}

return false;
}

// Increase the stream time-out

// Check for PHP 4.3.0 or later
if (version_compare(phpversion(), '4.3.0', 'ge'))
{
stream_set_timeout($this->pop_conn, $tval, 0);
}
else
{
// Does not work on Windows
if (substr(PHP_OS, 0, 3) !== 'WIN')
{
socket_set_timeout($this->pop_conn, $tval, 0);
}
}

// Get the POP3 server response
$pop3_response = $this->getResponse();

// Check for the +OK
if ($this->checkResponse($pop3_response))
{
// The connection is established and the POP3 server is talking
$this->connected = true;
return true;
}

}

/**
* Login to the POP3 server (does not support APOP yet)
*
* @param string $username
* @param string $password
* @return boolean
*/
function Login ($username = '', $password = '')
{
if ($this->connected == false)
{
$this->error = 'Not connected to POP3 server';

if ($this->do_debug >= 1)
{
$this->displayErrors();
}
}

if (empty($username))
{
$username = $this->username;
}

if (empty($password))
{
$password = $this->password;
}

$pop_username = "USER $username" . $this->CRLF;
$pop_password = "PASS $password" . $this->CRLF;

// Send the Username
$this->sendString($pop_username);
$pop3_response = $this->getResponse();

if ($this->checkResponse($pop3_response))
{
// Send the Password
$this->sendString($pop_password);
$pop3_response = $this->getResponse();

if ($this->checkResponse($pop3_response))
{
return true;
}
else
{
return false;
}
}
else
{
return false;
}
}

/**
* Disconnect from the POP3 server
*/
function Disconnect ()
{
$this->sendString('QUIT');

fclose($this->pop_conn);
}

/*
---------------
Private Methods
---------------
*/

/**
* Get the socket response back.
* $size is the maximum number of bytes to retrieve
*
* @param integer $size
* @return string
*/
function getResponse ($size = 128)
{
$pop3_response = fgets($this->pop_conn, $size);

return $pop3_response;
}

/**
* Send a string down the open socket connection to the POP3 server
*
* @param string $string
* @return integer
*/
function sendString ($string)
{
$bytes_sent = fwrite($this->pop_conn, $string, strlen($string));

return $bytes_sent;

}

/**
* Checks the POP3 server response for +OK or -ERR
*
* @param string $string
* @return boolean
*/
function checkResponse ($string)
{
if (substr($string, 0, 3) !== '+OK')
{
$this->error = array(
'error' => "Server reported an error: $string",
'errno' => 0,
'errstr' => ''
);

if ($this->do_debug >= 1)
{
$this->displayErrors();
}

return false;
}
else
{
return true;
}

}

/**
* If debug is enabled, display the error message array
*
*/
function displayErrors ()
{
echo '<pre>';

foreach ($this->error as $single_error)
{
print_r($single_error);
}

echo '</pre>';
}

/**
* Takes over from PHP for the socket warning handler
*
* @param integer $errno
* @param string $errstr
* @param string $errfile
* @param integer $errline
*/
function catchWarning ($errno, $errstr, $errfile, $errline)
{
$this->error[] = array(
'error' => "Connecting to the POP3 server raised a PHP warning: ",
'errno' => $errno,
'errstr' => $errstr
);
}

// End of class
}
?>

&nbsp;

Scripts for w3pw PHP User Authentication

Leave a reply

W3pw is a web based password wallet manager written in PHP. The encrypted information is stored in a MySql Database. Features: – Platform independent. Webserver, PHP and MySql are available for a wide range of Operating Systems – Information is encrypted – Available Fields per entry: Info, host, login, password and description – Upload function for semicolon separated text-files – Timout for automatic logout Requirements: · A Webserv

<?php
session_start();
include("include/config.php");
?>
<html>
<head>
<title>w3pw Main</title>
<?php
include("include/css.php");
include("include/headerstuff.php");
include("include/crypt.php");
?>
</head>
<body>

<?php

// session active?
if (!isset($_SESSION['logged_in']))
{
// no session active - check pw
if ($conn = mysql_connect($hostname, $dbuser, $dbpasswd))
{
if (mysql_select_db($database,$conn))
{
$cleartext_pw = "";
// encrypt the pw given at logon
if (isset($_POST['password']))
{
$cleartext_pw = $_POST['password'];
}
$crypt_pw = sha1($cleartext_pw);

// check pw
$list = mysql_query ("SELECT version, pw FROM main");
$entries = mysql_fetch_object($list);
$db_pw=$entries->pw;
if ($crypt_pw == $db_pw)
{
// password match - proceed
$_SESSION['logged_in'] = 1;
$_SESSION['key'] = md5("%dJ9&".strtolower($cleartext_pw)."(/&k.=".strtoupper($cleartext_pw)."1x&%");
// delete cleartext pw in memory
unset($cleartext_pw);
$_SESSION['version']=$entries->version;
}
else
{
session_unset();
session_destroy();
echo "<body><b>Wrong Password</b>....<br />try <a href=\"index.php\">again</a>\n";
}
}
else
{
// cant connect to database
session_unset();
session_destroy();
echo "<br />Ooops - <b>Can't connect to the database</b>....<br />Please try <a href=\"index.php\">again</a>\n";
}
mysql_close($conn);
}
else
{
// cant connect to the server
session_unset();
session_destroy();
echo "<br />Ooops - <b>Can't connect to the database-server</b>...<br />Please try <a href=\"index.php\">again</a>\n";
}
}

if ((isset($_SESSION['logged_in'])) && ($_SESSION['logged_in'] == 1))
{
// session is active

// any actions to perform?
if (isset($_POST['action']))
{
// save new entry
if ($_POST['action'] == "save")
{
if ($conn = mysql_connect($hostname, $dbuser, $dbpasswd))
{
if (mysql_select_db($database,$conn))
{
$list = mysql_query ("INSERT INTO wallet VALUES('','".
mysql_escape_string (en_crypt($_POST['itemname'],$_SESSION['key']))."','".
mysql_escape_string (en_crypt($_POST['host'],$_SESSION['key']))."','".
mysql_escape_string (en_crypt($_POST['login'],$_SESSION['key']))."','".
mysql_escape_string (en_crypt($_POST['password'],$_SESSION['key']))."','".
mysql_escape_string (en_crypt($_POST['comment'],$_SESSION['key']))."')");

unset($_POST['itemname'], $_POST['host'], $_POST['login'], $_POST['password'], $_POST['comment']);
}
else
{
echo "<br />Ooops - <b>can't find the database</b>....\n";
}
mysql_close($conn);
}
else
{
echo "<br />Ooops - <b>can't connect to the database-server</b>...\n";
}

}

// save edited entry
if ($_POST['action'] == "editsave")
{
if ($conn = mysql_connect($hostname, $dbuser, $dbpasswd))
{
if (mysql_select_db($database,$conn))
{
$list = mysql_query ("UPDATE wallet SET itemname='".mysql_escape_string(en_crypt($_POST['itemname'],$_SESSION['key'])).
"', host='".mysql_escape_string(en_crypt($_POST['host'],$_SESSION['key'])).
"', login='".mysql_escape_string(en_crypt($_POST['login'],$_SESSION['key'])).
"', pw='".mysql_escape_string(en_crypt($_POST['password'],$_SESSION['key'])).
"', comment='".mysql_escape_string(en_crypt($_POST['comment'],$_SESSION['key'])).
"' WHERE ID=".$_POST['ID']);

unset($_POST['itemname'], $_POST['host'], $_POST['login'], $_POST['password'], $_POST['comment']);
}
else
{
echo "<br />Ooops - <b>Can't find the database</b>....\n";
}
mysql_close($conn);
}
else
{
echo "<br />Ooops - <b>Can't connect to the database-server</b>...\n";
}
}

// delete entry
if ($_POST['action'] == "reallydelete")
{
if ($conn = mysql_connect($hostname, $dbuser, $dbpasswd))
{
if (mysql_select_db($database,$conn))
{
$list = mysql_query ("DELETE FROM wallet WHERE ID=".$_POST['ID']);
}
else
{
echo "<br />Ooops - <b>Can't find the database</b>....\n";
}
mysql_close($conn);
}
else
{
echo "<br />Ooops - <b>Can't connect to the database-server</b>...\n";
}
}

// import uploaded file
if ($_POST['action'] == "import")
{

$row = $_POST['row'];

// check that each header field is used only once in import2.php

// sort header_fields by occurence
asort($row);

if ($conn = mysql_connect($hostname, $dbuser, $dbpasswd))
{
if (mysql_select_db($database,$conn))
{
// finally import the data

$fd = fopen ($tmppath."w3pw.csv", "r");
while ($data = fgetcsv ($fd, 4096, ";"))
{
if (count($data)>1)
{
$mysql_string="INSERT INTO wallet VALUES(''";

reset($_POST['row']);
while (list ($index, $val) = each ($_POST['row']))
{
$mysql_string.=",'".mysql_escape_string(en_crypt($data[$val],$_SESSION['key']))."'";
}
$mysql_string.=")";
mysql_query ($mysql_string);
unset($mysql_string);
}
}
fclose ($fd);

unset($row);
unset($data);
}
else
{
echo "<br />Ooops - <b>Can't find the database</b>....\n";
}
mysql_close($conn);
}
else
{
echo "<br />Ooops - <b>Can't connect to the database-server</b>...\n";
}

}
}

// check if there is an uploaded file still in the tmp directory -> delete
if (is_file($tmppath."w3pw.csv"))
{
unlink ($tmppath."w3pw.csv");
}

// menu header
echo "<center><table width=\"100%\" style=\"table-layout:fixed\">\n<tr>\n";
echo "<td><a href=\"main.php\" class=\"menu\">list</a></td><td><a href=\"insert.php\" class=\"menu\">new entry</a></td><td><a href=\"import.php\" class=\"menu\">import</a></td><td><a href=\"logout.php\" class=\"menu\">logout</a></td>\n";
echo "</tr></table></center><p>\n";

if ($conn = mysql_connect($hostname, $dbuser, $dbpasswd))
{
if (mysql_select_db($database,$conn))
{
$list = mysql_query ("SELECT ID, itemname FROM wallet");
$header_array = array();
while ($entries = mysql_fetch_object($list))
{
$header_array[$entries->ID]=de_crypt($entries->itemname,$_SESSION['key']);
}

natcasesort($header_array);
reset($header_array);

$counter=0;
while (list ($ID, $itemname) = each ($header_array))
{
$counter++;
$list = mysql_query ("SELECT host FROM wallet WHERE ID=".$ID);
$entries = mysql_fetch_object($list);

// table header
if ($counter == 1)
{
echo "<center><table width=\"100%\" style=\"table-layout:fixed\"><tr><th style=\"width:140px\">Entryname</th><th>Host/URL</th><th style=\"width:32px\">&nbsp;</th><th style=\"width:32px\">&nbsp;</th><th style=\"width:45px\">&nbsp;</th></tr>\n";
}

// show entries
if ($counter % 2 == 0)
{
echo "<tr class=\"even\">";
}
else
{
echo "<tr class=\"odd\">";
}
echo "<td>".$itemname."</td><td>".de_crypt($entries->host,$_SESSION['key'])."</td><td>&nbsp;<a href=\"view.php?ID=".$ID."\">view</a>&nbsp;</td><td>&nbsp;<a href=\"edit.php?ID=".$ID."\">edit</a>&nbsp;</td><td>&nbsp;<a href=\"delete.php?ID=".$ID."\">delete</a>&nbsp;</td></tr>\n";

}

// table footer
if ($counter >= 1)
{
echo "</table></center>";
}

unset($header_array,$itemname);
echo "<p>w3pw v".$_SESSION['version']."</p>";
}
else
{
echo "<br />Ooops - <b>Can't find the database</b>....\n";
}
mysql_close($conn);
}
else
{
echo "<br />Ooops - <b>Can't connect to the database-server</b>...\n";
}
}
?>
</body>
</html>

&nbsp;

PHP Advanced Password Protect User Authentication

Leave a reply

Advanced Password Protect script allows you to password protect web pages by adding one line of PHP code to the page source. Script will show login form to protect content from unauthorized access. It includes login form, signup form, password reminder, and user management page for admin. Uses flat file database, no MySQL required. Can be set up to redirect after successful login.

<?php

#####################################################################################
# Flat File Database Manager 1.2
#####################################################################################
# Visit http://www.zubrag.com/scripts/ for updates
#####################################################################################
# Expects:
#
# Database file name, i.e. file with real data
# --> $data_file
#####################################################################################
# Database definition file. You have to describe database format in this file.
# Each row describes one field
# Allowed data types:
# STRING: Rendered as regular input field. Row format:
#          title,STRING,length
# TEXT:    Rendered as text area. Row format:
#          title,TEXT,columns,rows
# LOGICAL: Rendered as check box (flag). Row format:
#          title,LOGICAL,1,value for Yes,value for No
# LIST:    Rendered as list box or combo box. Row format:
#          title,LIST,number of rows visible at a time,colon ":" separated allowed values
#
# Sample data definition file contents:
# City,LIST,3,City1:City2:City3:City4:City5
# State,LIST,1,NY:CA:LA
# Zip,STRING,8
# Active,LOGICAL,1,Y:N
# Comments,TEXT,30:2
# --> $structure_file
######################################################################################
# Fields delimiter
# --> $delimiter
#####################################################################################

// strip slashes
if (get_magic_quotes_gpc()) {
function stripslashes_deep($value) {
$value = is_array($value) ? array_map('stripslashes_deep', $value) : (isset($value) ? stripslashes($value) : null);
return $value;
}

$_POST = stripslashes_deep($_POST);
$_GET = stripslashes_deep($_GET);
//$_COOKIE = stripslashes_deep($_COOKIE);
}

$structure_tmp = file($structure_file);
$structure = array();
foreach($structure_tmp as $key=>$tmp) {
/*if(strpos($tmp,':') === 0) {
$code = explode(':',$tmp);
${$code[1]} = trim($code[2]);
continue;
}*/
$line = explode(',',$tmp);
$name_will_be = str_replace(' ','',trim($line[0]));
foreach($structure as $key1=>$value1) {
if ($value1['name'] == $name_will_be)
die("Few columns have the similar name (not counting spaces): '{$line[0]}'. Please rename.");
}
$structure[$key]['name_original'] = trim($line[0]);
$structure[$key]['name'] = str_replace(' ','',$structure[$key]['name_original']);
$structure[$key]['type'] = trim($line[1]);
if (isset($line[2])) $structure[$key]['format'] = trim($line[2]);
if (isset($line[3])) {
$values = explode(':',$line[3]);
foreach($values as $item) {
$structure[$key]['values'][] = trim($item);
}
}
}

// Save data (Submit button pressed)
if (isset($_POST['submit'])) {
/////////////////////////////////////////////////

if ($skip_lines > 0) {
// read header lines
$tmp_data = file($data_file);
}

$f = fopen($data_file,'w+');
if ($f) {

// save header back to file
if ($skip_lines > 0) {
for($i=0; $i < $skip_lines; $i++) {
fputs($f,$tmp_data[$i]);
}
}

for( $i=0; $i < count($_POST[$structure[0]['name']]); $i++ ) {
// do not save records marked for delete
if (isset($_POST['d_e_l_e_t_e'][$i])) continue;

$s = '';
$isfirst = true;
foreach($structure as $key => $field) {
$n1 = isset($_POST[$structure[$key]['name']]) ? $_POST[$structure[$key]['name']] : '';
$v1 = isset($n1[$i]) ? $n1[$i] : $structure[$key]['values'][1];
// remove new line characters as each new line represents new database row
$v1 = str_replace(array("\r\n","\n","\r"),'',$v1);
$s = $s . ($isfirst ? '' : $delimiter) . $v1;
$isfirst = false;
}
// do not save empty lines
if (trim(str_replace($delimiter,'',$s)) == '') continue;

// save database record to file
fputs($f,$s."\n");
} // for
fclose($f);
} // if
}

$data = file($data_file);

// skip header lines
if ($skip_lines > 0) $data = array_slice($data, $skip_lines);

// add "new line" holder
$data[] = str_repeat($delimiter,count($structure)-1);

echo '<html>';
echo "<head><title>$data_file</title></head>";
echo "<body><h1>$data_file</h1>";
echo '<form method="post">';
echo '<table>'."\n";

// output header
echo '<tr style="background: #AAAAAA; border: 1px solid blue">';
foreach ($structure as $key=>$line) {
echo "<th>{$line['name_original']}</th>";
}
echo '<th>Mark</th>';
echo '</tr>'."\n";

// output data
foreach($data as $datakey => $line) {

// skip empty rows
if (trim($line) == '') continue;

echo '<tr style="background: #'.($datakey % 2 == 0 ? 'F0F0F0' : 'FAFAFA').'">';

$items = explode($delimiter,$line);

// any fields not defined? add empty
while (count($items) < count($structure))
$items[] = '';

foreach ($items as $key => $item) {
$item = htmlspecialchars(trim($item));
$name = $structure[$key]['name'];
echo "\n".' <td valign="top">';
switch ($structure[$key]['type']) {
case 'STRING':
echo '<input onchange="cdf('.$datakey.')" name="'.$name.'['.$datakey.']" value="'.$item.'" size="'.$structure[$key]['format'].'" />';
break;
case 'TEXT':
$rc = explode(':',$structure[$key]['format']);
$cols = trim($rc[0]);
$rows = trim($rc[1]);
echo '<textarea onchange="cdf('.$datakey.')" name="'.$name.'['.$datakey.']" rows="'.$rows.'" cols="'.$cols.'">'.$item.'</textarea>';
break;
case 'LOGICAL':
$val_yes = trim($structure[$key]['values'][0]);
echo '<input onchange="cdf('.$datakey.')" name="'.$name.'['.$datakey.']" type="checkbox" '.(($item == $val_yes) ? 'checked' : '').' value="'.$val_yes.'" />';
break;
case 'LIST':
echo '<select onchange="cdf('.$datakey.')" name="'.$name.'['.$datakey.']" size="'.$structure[$key]['format'].'">';
foreach($structure[$key]['values'] as $value) {
echo '<option value="'.$value.'" '.($value == $item ? 'selected' : '').'>'.$value.'</option>';
}
echo '</select>';
break;
}
echo '</td>';
}

// Mark for delete if last record (i.e. Add option). In this way we'll skip adding empty records
echo "\n <td><input id='d_e_l_e_t_e[{$datakey}]' name='d_e_l_e_t_e[{$datakey}]' type='checkbox' ".($datakey == count($data)-1 ? 'checked' : '')." /></td>";
echo "\n</tr>\n";

}

echo '<tr><td colspan=255 align=center><input type="submit" name="submit" value="Save Changes and Delete marked" style="border:1px solid red"></td></tr>';
echo '</table>';
echo "</form>

<script>
function cdf(theid) {
document.getElementById('d_e_l_e_t_e['+theid+']').checked = false;
}
</script>";

echo '</body>';
echo '</html>';

?>

&nbsp;

PHP SCRIPTS 4U

The Blog of Enthusiastic PHP Scripters

Category Archives: Security

Apache .conf and phpini file backups

PHP Scripts for SiteBar is a bookmark server

PHP Scripts for Brim is an application suite

Fast Secure Contact Form PHP Scripts

SI CAPTCHA Anti-Spam Site Navigation

How To Create A Pagination In PHP

PHP Scripts for Rad User Manager

PHP Scripts for AuthMan Free Authentication

Scripts for w3pw PHP User Authentication

PHP Advanced Password Protect User Authentication